Cyber Security Analyst III at Remote, Remote, USA
Email: [email protected]
From: Ranjeet Kumar, Source Infotech Inc [email protected]
Reply to: [email protected]

Hi,

Role: Cyber Security Analyst III
Visa: No H1B/CPT
MOI: Skype
Client: State of Maine
Location: Remote
LinkedIn profile with photo (must have)

As Cybersecurity Analyst III, the candidate will be responsible for cyber threat identification, evaluation, prioritization, and remediation activities under the direction of the Cyber Security Manager. The candidate will continuously review existing and proposed protections for State of Maine systems, networks, and software designs, and is responsible for analyzing logging and alerting data and for identifying and escalating potential security events. The Cyber Security Analyst will partner with business users to support the integration of cybersecurity protections into business operations and will act as a key member of the security monitoring team.

PRIMARY RESPONSIBILITIES:
- Deploy, manage, and maintain enterprise cybersecurity toolsets
- Review proposed new systems, networks, and software designs for potential security risks, recommending mitigations or countermeasures, and resolving integration issues
- Provide a cybersecurity partnership with the business to ensure proper implementation of protections for current and future projects
- Monitor the health of the customer-managed asset and vendor-managed Splunk infrastructure configuration
- Maintain the documented baseline configuration and execute the standard operating procedures to maintain the configuration
- Onboard new data sources to Splunk for monitoring by the client SOC
- Troubleshoot issues with log sources or systems with vendors and stakeholders, and report system defects as needed
- Experience with creating custom SIEM use cases, dashboards and visualizations, alerts, custom queries, data models, and reporting
- Implement new correlation rules (correlation searches) in the Splunk environment
- Research and look for opportunities to adopt best practices and industry standards to enhance the SIEM and SOAR platforms
- Development experience on the Splunk Phantom SOAR platform
- Comprehensive understanding of data analysis, data manipulation, databases, indexing, and all backend requirements needed to operate a SIEM efficiently
- Understanding of various security frameworks and/or methodologies (e.g., MITRE ATT&CK, NIST, etc.)
- Under direction and per procedures, perform required tasks and coordinate with IT and Incident Response team members to respond to security incidents
- Coordinate architecture and engineering activities with other IT teams as well as internal organizations in an efficient and professional manner
- Assist with security monitoring efforts in the ingestion, aggregation, and retention of log and other system data
- Develop and manage ongoing process improvements and the backlog for the entire security monitoring program
- Actively contribute to business architecture, requirements, reporting and analytic configurations, processes, ticketing, and proposed roadmap tools
- Develop cross-functional team relationships to become the trusted point of contact and liaison for inquiries, and the subject matter expert coordinating all issues, capability gaps, and enhancement requests in the product
- Develop, manage, and measure KPIs, KRIs, and additional metrics to understand the trends, quality, and insights from the vulnerability results to facilitate business decisions, automation development, and updates of executive dashboards, reports, and templates
- Work as a member of the team on improving the State of Maine Secure Software Development Life Cycle framework and provide recommendations for improvement

In this role, this position will assist the Security Operations Center in maturing and developing a security monitoring program. This individual will work with key stakeholders to establish security monitoring and event management practices to ensure the execution of this function to tighten the security posture of the State of Maine. Fill in other security functions as directed by the Security Operations Center Manager.
- Deploys a proactive approach to security using ethical hacking
- Uses a reactive approach to security that focuses on prevention, detection, and response to attacks
- Utilizes a mix of offensive and defensive tactics to provide cybersecurity

MINIMUM QUALIFICATIONS:
Years of Relevant Experience: 10 years of information security experience, with a focus on architecting and administering a Security Information and Event Management (SIEM) and other security monitoring platforms within an enterprise environment. The ideal candidate will have knowledge of Windows or Linux systems and their associated scripting languages (PowerShell, Python, bash), experience with AWS or Azure cloud environments, and will have worked with products such as Splunk ES, Sentinel, LogRhythm, QRadar, Chronicle, or Sumo Logic.

Preferred Education: 4-year college degree in computer science or a related field, with advanced study preferred. One or more Splunk-related certifications (Splunk Certified Architect, Splunk Enterprise Security Certified Admin, Splunk Certified Admin) or other relevant technical security certifications are a plus (GIAC, ISC2, CompTIA, EC-Council, etc.).

I would appreciate your valuable reply. Have a nice day.

Thanks and regards,
Ranjeet Kumar, IT-Technical Recruiter
Source Infotech Inc
P.O. Box 577, EDISON, NJ 08818-0577
Web: www.sourceinfotech
Id: [email protected]

Disclaimer: If you are not interested in receiving our e-mails, please reply with "REMOVE" in the subject line to [email protected] for automatic removal, and mention all the e-mail addresses to be removed, including any e-mail addresses which might be diverting the e-mails to you. We are sorry for the inconvenience.
Thu Aug 03 19:22:00 UTC 2023